Lucene search
K

13 matches found

CVE
CVE
added 2026/04/30 7:45 p.m.13 views

CVE-2026-7429

CVE-2026-7429 affects SSCMS v7.4.0 and describes a reflected cross‑site scripting flaw in the STL processing endpoint. The vulnerability arises from improper output encoding in the /api/stl/actions/dynamic endpoint, where malicious STL template payloads can be decrypted and returned without sanit...

4.6CVSS5.3AI score0.00165EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.26 views

PT-2026-21824

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 7.0.4 Description OpenEMR is an open source electronic health records and medical practice management application. Prior to version 7.0.4, the disposeDocument method in EtherFaxActions.php allows authenticated users t...

9.9CVSS5.4AI score0.02164EPSS
Exploits5References14
Vulnrichment
Vulnrichment
added 2025/11/13 9:24 a.m.4 views

CVE-2025-64379 WordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0...

4.3CVSS6.6AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/14 12:0 a.m.7 views

Korzh EasyQuery SQL注入漏洞

Korzh EasyQuery is a query builder software from Korzh. A SQL injection vulnerability exists in Korzh EasyQuery 7.4.0 and earlier versions, which stems from improper handling of files/api/easyquery/models/nwind/fetch in the Query Builder UI component, which can lead to SQL injection attacks...

6.5CVSS6.9AI score0.00221EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 3:22 a.m.15 views

CVE-2023-24735

PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opaccss/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL...

6.1CVSS7.1AI score0.0108EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.8 views

CVE-2023-6874

Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number...

7.5CVSS6.7AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

SiSMART 安全漏洞

SiSMART is a content management system from SiSMART, Inc. A security vulnerability exists in SiSMART version 7.4.0 that stems from the presence of an insecure direct object reference in the dashboard that allows an attacker to perform a horizontal-privilege upgrade...

8.8CVSS6.7AI score0.0068EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/09/06 12:0 a.m.14 views

PT-2021-5346 · Php +2 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x through 7.3.30 PHP versions 7.4.x through 7.4.23 PHP versions 8.0.x through 8.0.10 Description: The issue arises from the incorrect restriction of the path name to a directory with limited access in the ZipArchive::extractT...

10CVSS6.7AI score0.99998EPSS
Exploits338References236
OSV
OSV
added 2021/05/25 7:15 p.m.3 views

DEBIAN-CVE-2021-32640

ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected]...

5.3CVSS6.1AI score0.02821EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/05 12:0 a.m.4 views

Pandora FMS Remote Code Execution Vulnerability

Pandora FMS is an open source application , used to monitor the site's various activities , it can receive real-time monitoring reports , and sent to your designated mailbox , you can also send via e-mail , SMS . A remote code execution vulnerability exists in Pandora FMS 7.42 and earlier version...

7.1CVSS8.3AI score0.03434EPSS
Exploits1References1
CNVD
CNVD
added 2020/01/22 12:0 a.m.4 views

Unspecified Vulnerability in Comtech Telecommunications Stampede FX-1010 (CNVD-2020-14359)

The Comtech Telecommunications Stampede FX-1010 is a data center product from Comtech Telecommunications. A security vulnerability exists in the Comtech Telecommunications Stampede FX-1010 version 7.4.3. A remote attacker can exploit this vulnerability by navigating to the Diagnostics Trace Route...

9CVSS7.2AI score0.04418EPSS
Exploits1References1
CNVD
CNVD
added 2016/10/21 12:0 a.m.3 views

NetIQ Sentinel Arbitrary Code Execution Vulnerability

NetIQ Sentinel is a Security Information and Event Management SIEM solution from NetIQ USA. A security vulnerability exists in NetIQ Sentinel version 7.4x, which can be exploited by an attacker to execute arbitrary code in an affected application...

9.8CVSS9.5AI score0.34731EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/08 12:0 a.m.5 views

SAP NetWeaver Java AS RTC Service Information Disclosure Vulnerability

SAP NetWeaver is SAP's integrated technology platform and the technology foundation for all SAP applications since SAP Business Suite. A security vulnerability exists in the chat function of the RTC service in SAP NetWeaver Java AS version 7.4, which can be exploited by remote attackers to obtain...

5.3CVSS6.7AI score0.02413EPSS
Exploits1References1
Rows per page
Query Builder